POSITION SUMMARY
This role will work as part of a team assessing customer organizations against global, regulatory, and industry requirements, including publications released by the International Organization for Standardization (ISO). The team member will initially support experienced project and team leaders and be assigned specific technical and non‑technical engagement segments. The role will develop into a practice Engagement Lead that collaborates with Project Managers, Directors, and other delivery team members to effectively manage project timelines, schedules, customer communication, and work product construction.
DESCRIPTION
A Senior Consultant on the Global Assurance team enhances the posture and maturity of customer processes affecting information security and data privacy management through the technical evaluation of governance programs. The role evaluates both the design and operating effectiveness of technical controls supporting management systems and helps identify improvement opportunities for customers.
REQUIREMENTS
SKILLS
* Public‑speaking skills set along with an apparent executive presence that solicits attention from audiences
* Inquisitive and curious nature with the ability to effectively probe for deeper information
* Attention for detail and quality processes
* Strong consulting skills with a desire to corroborate surface‑level discoveries with objective evidence
* Ability to build high‑trust relationships, rapport, and credibility quickly with peers and customers
* Strong written and verbal communication skills, including the ability to explain technical concepts to non‑technical audiences
* Personal initiatives toward organization, time management, and learning
* Proficient time management skills when managing multiple tasks
EXPERIENCE
* 4‑6 years of experience in a privacy related role such as a Privacy Engineer/Technical Privacy Investigator, Privacy Analyst/Specialist, or similar role. OR
* 4‑6 years of experience as an IT consultant, IT auditor, or similar role but with knowledge of GDPR requirements, ISO 27701, or sector‑specific privacy and data security laws at the federal level.
* Prior employment with a professional services firm or an accredited certification body for management systems
* Previous project experience implementing or assessing information assurance frameworks and control sets, such as ISO 27001, ISO 27002, ISO 27017, ISO 27018, ISO 27701, Cloud Controls Matrix (CCM), NIST SP 800‑53, or NIST Cyber Security Framework (CSF)
* General knowledge and application of audit planning, testing, and reporting procedures
* Capability to independently research a technical topic and develop logical testing approaches
* Comfort leading customer calls, interview walkthroughs, and inquiry sessions with client points of contact
* Knowledge of current events affecting changes within information security and data privacy practices (e.g., breaches, laws, consent orders and decrees)
* Computer and typing skills that permit rapid data collection during meetings with both internal and external contacts
REQUIRED CERTIFICATIONS
* Higher priority: Certification to any of the following audit and assessment schemes in order of relevance: ISO 27701 Lead Auditor/Lead Implementor, ISO 27001 Lead Auditor/Lead Implementor, ISO 9001 Lead Auditor, ISO 22301 Lead Auditor, ISO 20000‑1 Lead Auditor, CISA, CIPP/US, CIPM, or CIPP/E
* Lower priority: Certification to any of the following information security schemes in order of relevance: CCSK, CRISC, CISM, CISSP, CCSP
* Certification to any of the following industry schemes: Amazon Web Services (AWS) Solutions Architect –Associate, AWS SysOps Administrator, Microsoft Azure Solutions Architect – Associate, Microsoft Azure Security Engineer – Associate, Google Cloud Platform (GCP) – Associate Cloud Engineer, GCP Professional Cloud Architect, etc.
EDUCATION
* Bachelor’s degree in a relevant field (CIS, MIS, Privacy, Law, Risk Management, or another related field)
ESSENTIAL RESPONSIBILITIES
* Autonomously leads interview and inquiry walkthroughs with client points of contact to determine the conformity of environments against stated requirements
* Responsible party and primary, first‑level reviewer of draft audit planning and reporting material provided by support staff throughout the engagement lifecycle
* Responsible party and final‑level reviewer of customer‑facing work products prior.
* Works closely with experienced team members to ensure the completeness and accuracy of audit procedures for customer organization scopes
* Pursues and corroborates conclusions derived from inquiry procedures with auditee contacts while ensuring diligent interview notes are captured as a result of direct interactions with customers
* Offline and remote evidence inspection of client‑provided documentation with the ability to appropriately mark artifacts requiring follow up or additional clarification from the auditee
* Draft audit programs that sufficiently address both the required objectives of the certification body and the complexity of the client environment
* Adheres to pre‑defined project timelines and communicates possible changes to the schedule or scope of work with appropriate internal team members
* Manages priorities and tasks to achieve billable utilization targets established for the role
* Continuous professional development when maintaining subject matter‑specific certifications, credentials, and designations
* Collaborates with project managers, quality assurance, and/or other delivery team members to drive customer satisfaction and the timely production of deliverables
* Willing to train newer resources (both FTE & contractors) on the internal procedures and certification body methodology
* Identifies upsell and cross‑sell opportunities and escalates to practice management
* Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable supporting engagements
* Establishes and maintains positive collaborative relationships with clients and involved stakeholders
* Provides advice to customers on issues affecting the scope of work in a manner that provides additional value beyond the text described within the audit criteria and learned through exposure with alternate environments
* Remains abreast to regulations or standards that are either in draft or approaching enforcement affecting publications via ISO
* Standard office environment (ability to be successful when working remotely, if necessary)
* Preference to be available for working hours aligning with Eastern Standard Time (EST)
* Passport required
#J-18808-Ljbffr